Search for packages
Package details: pkg:alpm/archlinux/erlang@28.0-2
purl pkg:alpm/archlinux/erlang@28.0-2
Next non-vulnerable version 28.0.1-1
Latest non-vulnerable version 28.0.1-1
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-4wxk-5vxa-e7dq
Aliases:
CVE-2025-4748
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2, zip:extract/1, zip:extract/2 unless the memory option is passed. This issue affects OTP from OTP 17.0 until OTP 28.0.1, OTP 27.3.4.1 and OTP 26.2.5.13, corresponding to stdlib from 2.0 until 7.0.1, 6.2.2.1 and 5.2.3.4.
28.0.1-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-07-31T11:37:30.581063+00:00 Arch Linux Importer Affected by VCID-4wxk-5vxa-e7dq https://security.archlinux.org/AVG-2900 37.0.0